Public bug reported:
Binary package hint: passwd
While changing my password, i hit CTRL-D at one of the inputs, and the
program crashed after all password prompts had been cleared:
$ passwd
Changing password for ashridah
(current) UNIX password: <password as normal>
Enter new UNIX password: <enter ctrl-d instead of new password>
Retype new UNIX password: <enter anything>
Segmentation fault
This is easily repeatable, but only if ctrl-d is used for the first new
password prompt. Entering ctrl-d for the second new password prompt
fails as normal.
It doesn't appear to be much of a security issue, however, as passwd
doesn't leave a core file or any other means to exploit it as it's
setuid, but it probably should be checked carefully just in case.
Andrew
** Affects: shadow (Ubuntu)
Importance: Untriaged
Status: Unconfirmed
--
/usr/bin/passwd crashes with a segmentation fault if given null input
https://launchpad.net/bugs/59730
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
